<?php
 
if (isset($_POST['submitted'])) { // Handle the form.
	require_once ('mysql_connect.php'); // Connect to the database.
	// Check for username
	if (preg_match("/^[\x7f-\xff]+$/",trim($_POST['first_name']))) //[u4e00-u9fa5]
	{
		$fn = escape_data($_POST['first_name']);
	} 
	else {
		$fn = FALSE;
		echo '<script>alert("Please enter your Chinese name!");</script>';
	}
	
	// Check for an email address.
	if (eregi ('^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]+\.[a-z]{2,4}$', stripslashes(trim($_POST['email'])))) {
		$e = escape_data($_POST['email']);
	} else {
		$e = FALSE;
		echo '<script>alert("Please enter your email!");</script>';
	}

	// Check for a password and match against the confirmed password.
	if (eregi ('^[[:alnum:]]{4,20}$', stripslashes(trim($_POST['pwd1'])))) {
		if ($_POST['pwd1'] == $_POST['pwd2']) {
			$p = escape_data($_POST['pwd1']);
		} else {
			$p = FALSE;
			echo '<script> alert("Your password did not match the confirmed password!");</script>';
		}
	} 
	else {
		$p = FALSE;
		echo '<script> alert("Please enter a valid password!");</script>';
	}
	
	if($_POST['usertype'] = '老师')
		$u =1;
	else
		$u =2;
	if($_POST['sex'] = '男')
		$s =1;
	else
		$s =2;
	if ($fn && $e && $p && $u) { // If everything's OK.

		// Make sure the userid is available.
		$query = "SELECT id FROM tb_users WHERE userid='".$_POST['userid']."'";		
		$result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());
		if (mysql_num_rows($result) == 0) { // Available.
			// Create the activation code.
			$a = md5(uniqid(rand(), true));
			$regtime=strtotime("now");  //date("Y-m-j H:i:s");
			$lastlogintime=$regtime;
			// Add the user.
			$query = "INSERT INTO tb_users VALUES (NULL,'".$_POST['userid']."','$fn'".","."SHA($p),'".$e."','".$s."','".$_POST['birthday']."','".$_POST['tel']."','".$_POST['qq']."','".$_POST['faculty']."','".$_POST['address']."','".$regtime."','".$lastlogintime."','".$u."','".$_POST['question']."','".$_POST['answer']."',1,1,'".$a."')";
			$result = mysql_query ($query)or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());
			if (mysql_affected_rows() == 1) { // If it ran OK.			
				// Send the email.
				require_once('sendemail.class.php');
				$sendto=$_POST['email'];
   				$sendfrom="发件邮箱地址";
				$mailpass="发件邮箱密码";
				$mailserver="smtp.qq.com";
				$body = "Thank you for registering at the User Registration site. To activate your account, please click on this link:\n\n";
				$body .= "http://localhost/l_library/activate.php?x=" . mysql_insert_id() . "&y=$a";
				$sm = new smail( $sendfrom, $mailpass, $mailserver);
				$end = $sm->send( $sendto, $sendfrom, $body,1);
				if( $end ) echo $end;
				else echo "<script type='text/javascript' charset='utf-8' >alert('发送成功');</script>";
				echo '<a href="http://localhost/l_library/index.php">Thank you for registering! A confirmation email has been sent to your address. Please click on the link in that email in order to log in your account</a>.</h3>';
				//include ('../includes/footer.html'); // Include the HTML footer.
				exit();				
				
			} 
			else { // If it did not run OK.
				echo '<p><font color="red" size="+1">You could not be registered due to a system error. We apologize for any inconvenience.</font></p>'; 
			}		
			
		} 
		else { // The email address is not available.
			echo '<p><font color="red" size="+1">That userid has already been registered. If you have forgotten your password, use the link to have your password sent to you.</font>click here<a href="http://localhost/l_library/findpwd/openfindpwd.php">log in</a>.</p>'; 
		}
		
	} 
	else { // If one of the data tests failed.
		echo '<p><font color="red" size="+1">Please try again.</font></p>';		
	}

	mysql_close(); // Close the database connection.

} // End of the main Submit conditional.
?>